The NBN vendor vortex

Almost every telecommunications network equipment supplier for the National Broadband Network, from the Far East to the Scandinavian Mountains, has been or alleged to have been connected with spying, fraud or plain-vanilla bribery.

analysis Almost every telecommunications network equipment supplier for the National Broadband Network, from the Far East to the Scandinavian Mountains, has been or alleged to have been connected with spying, fraud or plain-vanilla bribery.

NBN Co, Australia's future wholesale-only provider, is currently investigating every single potential supplier. And if it wants a squeaky clean record, Australia may very well have to dump the $43 billion network altogether or build everything, switches and routers, itself.

Late last year, NBN Co commenced its investigations into the companies that are hoping to gain a spot as the lead supplier for what Kevin Rudd has repeatedly pointed out is the largest infrastructure project in Australia's history.

The hopefuls — Swedish vendor Ericsson, French company Alcatel-Lucent, China's Huawei, Japan's local arm of NEC and Finnish-German joint venture Nokia Siemens Networks — are all vying for a spot at the table.

NBN Co said last December: if you want to be a part of this, you'll have to point out major deployments you have been involved in. No problems; all of them can do that. But, if you really want to be a part of this, you'll also have to show us your dirty laundry. NBN Co asked each supplier to provide details of any investigation conducted by "any agency, authority or regulator in connection with improper business practices".

If these companies were wise, they would probably list what I could find with about 10 minutes research time.

First cab of the rank is Ericsson. Its submission to NBN Co no doubt will have to note that its former Australian chief Bill Zikou was in 2006 hauled before the European Parliament to explain how the company's equipment had facilitated spying efforts that targeted 100 of Greece's top officials on UK giant Vodafone's network in the country. (Zikou had headed up Ericsson's Greek operations before moving on to the Australian market.)

The phones of the top level politicians and government officials had been tapped for a period of two years. Security news site Heise Security News published an explanation of how the tapping had occurred.

Ericsson's AXE switches that were installed at Vodafone's switching centres had been compromised. Unauthorised code had been installed on the switches, which enabled spies to make use of what every telco has installed — legitimate tapping modules. But the rogue code also allowed the spies to bypass normal monitoring services that would have flagged that phone tapping was going on.

Vodafone blamed its supplier, Ericsson, saying that it was never informed of the legitimate tapping software. Given that almost all telcos, including ISPs, have the capacity to do this in order to support police investigations, it's surprising that Vodafone said it was not aware of this.

Zikou denied Vodafone's account to the European Parliament. "Ericsson provided the customer with full details and informative documents, noting that the new software package included software components for lawful interception," Zikou told Parliament, according to a statement released in Greek by Ericsson.

The fiasco led to the apparent suicide of Vodafone Greece network manager and the investigator of the spying allegations, Kostas Tsalikidis.

As for Alcatel-Lucent, NBN Co's chief Mike Quigley could probably write its submission himself if he wanted, given that he was chief operating officer of the company for several years, including those the company had a few run-ins with the law in Costa Rica.

In its 2009 annual report, Alcatel-Lucent noted a 2004 scandal in which it was being investigated by Costa Rican prosecutors and the National Congress over payments made to consultants of the nation's telco by one of its local subsidiaries.

"In connection with the Costa Rica allegations, on 27 July 2007, the Costa Rican Prosecutor's Office indicted 11 individuals, including the former president of Alcatel de Costa Rica, on charges of aggravated corruption, unlawful enrichment, simulation, fraud and others," Alcatel-Lucent said in its report.

Nokia Siemens Networks too has some dirt. Indeed, the very deal that unified the network divisions of the Finnish and German companies was stalled in 2006 due to investigations into bribery at Siemens.

And then there is Huawei, the great unknown. The only fact that is known is that its chief executive Ren Zhengfei served in the People Liberation's Army. Whether it is being investigated by the Australian Security and Intelligence Organisation is not known. If it is, then presumably by now, NBN Co's Mike Quigley would know about it.

So what should Australia do? Are we going to sit by idly and watch our country's network become infiltrated by companies which have been involved in dodgy dealings?

Perhaps, since clearly no vendor can be trusted, Australia should do what the Defence Signals Directorate does for secret networks: abandon commodity equipment altogether, and build in-house equipment. The NBN might cost $89 billion, but at least we'll be safe.

Or, we can just make a decision on a network vendor with our eyes open, knowing that there are risks with each of them.